The Perfect Substitution Cipher

The Perfect Substitution Cipher

Use many alphabets to produce a perfectly flat distribution, with no recognizable pattern for the choice of alphabet at any given point. Suppose the Vigenère tableau were extended infinitely with a random key. This would defy the Kasiski method: any repeated encryptions would be purely coincidental, and an index of coincidence IC = 0.038 suggests a totally random encryption.

Network & Information Security, Prof. Shawkat K. Guirguis

One-time Pads

Called the perfect cipher because it uses an arbitrarily long encryption key. Sender and receiver are provided a book of keys and encryption tableaus. If each key has length 20, then a 300-letter message would require 15 keys pasted adjacently. After encryption and subsequent decryption, both sender and receiver destroy the keys. No key is ever used twice.

Problems with One-time Pads

- Requires absolute synchronization between sender and receiver.
- An unlimited number of keys is needed.
- Publishing, distributing and securing keys is a major problem: an administrative burden.

Use of Random Numbers

Approximates one-time pads: computer-generated random numbers must be scaled to the interval [0, 25]. Requires complete synchronization between sender and receiver. RN generators are not truly random, and given enough ciphertext they can be broken.

Infinite Keys Using Long RN Sequences

  RANDNO(i+1) = (c * RANDNO(i) + b) mod w

where w is a large integer, typically 2^x. Short messages are generally pretty secure; long messages are vulnerable to probable word attacks.

The Vernam Cipher

The Vernam cipher is a type of one-time pad devised by Gilbert Vernam for AT&T. The Vernam cipher is immune to most cryptanalytic attacks.
The basic encryption involves an arbitrarily long nonrepeating sequence of numbers that are combined with the plaintext. Vernam's invention used an arbitrarily long punched paper tape that fed into a teletype machine. The tape contained random numbers that were combined with characters typed into the teletype. The sequence of random numbers was non-repeating, and each tape was used only once.

The Vernam Cipher (cont.)

As long as the key tape does not repeat and is not reused, this type of cipher is immune to cryptanalytic attack because the available ciphertext does not display the pattern of the key. A model of this process is shown in the next figure (Figure 2-7).

Vernam Model

[Figure 2-7: a long random number sequence is combined with the original plaintext (encryption) to give the ciphertext, and combined with the ciphertext (decryption) to recover the plaintext. The combining operation denotes an XOR or other combining function.]

Example

We will perform a Vernam encryption in decimal notation. Assume that the alphabetic letters are combined by sum mod 26 with a stream of random two-digit numbers. If the message is VERNAM CIPHER, the letters would first be converted to their numeric equivalents, as shown here:

   V   E   R   N   A   M   C   I   P   H   E   R
  21   4  17  13   0  12   2   8  15   7   4  17

Example (cont.)

Next we need some random numbers to combine with the letter codes. Suppose the following series of random two-digit numbers is generated:

  76 48 16 82 44 03 58 11 60 05 48 88

The encoded form of the message is the sum mod 26 of each coded letter with the corresponding random number. The result is then encoded in the usual base-26 alphabet representation.

Vernam Example

  plaintext            V   E   R   N   A   M   C   I   P   H   E   R
  numeric equivalent  21   4  17  13   0  12   2   8  15   7   4  17
  + random number     76  48  16  82  44   3  58  11  60   5  48  88
  = sum               97  52  33  95  44  15  60  19  75  12  52 105
  mod 26              19   0   7  17  18  15   8  19  23  12   0   1
  ciphertext           t   a   h   r   s   p   i   t   x   m   a   b

Example (cont.)

In this example, the repeated random number 48 happened to fall at the places of repeated letters, accounting for the repeated ciphertext letter a; such a repetition is highly unlikely. The repeated letter t comes from different plaintext letters, a much more likely occurrence. Duplicate ciphertext letters are generally unrelated with this encryption algorithm.

The Binary Vernam Cipher

This scheme works just as well with an "alphabet" of any other base. In order to encrypt a binary string (perhaps a series of words of binary data), random binary digits can be combined mod 2 with bits from the binary string. The result is another binary string.

The Binary Vernam Cipher (cont.)

For example, the binary number

  101101100101011100101101011100101

can be encoded with the random binary stream

  101111011110110101100100100110001

to produce the following ciphertext:

  000010111011101001001001111010100

Binary addition mod 2 can be calculated by the "exclusive-or" function, which is addition without carry. Exclusive-or is often supplied as a basic machine instruction on computers, making it easier to implement this algorithm. Adding 0 produces no change, whereas adding 1 "complements" or reverses a bit.

Example

Encrypt the word "ABC" with the key "tom" using the binary Vernam cipher.
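The two Vernam variants above, the mod-26 letter version and the binary (XOR) version, written out as an added example; this is not code from the lecture slides. It uses the slides' own VERNAM CIPHER message, two-digit key numbers and bit strings as constructed inputs, and adds one check the slides only state in words: the key stream must be at least as long as the message, because a pad that is stretched or reused is no longer a one-time pad.

```python
# Added example (not from the lecture slides): the Vernam combination for the
# mod-26 letter alphabet and for the binary alphabet, with the slides' numbers
# used as constructed test input.

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def vernam_encrypt_mod26(plaintext, key_numbers):
    """Combine each letter (A=0 .. Z=25) with its key number by sum mod 26.

    key_numbers may hold any non-negative integers (the slide uses two-digit
    numbers); only the value mod 26 matters. Non-letters such as the space in
    "VERNAM CIPHER" are dropped. Ciphertext is returned in lowercase, following
    the slide's table.
    """
    letters = [ch for ch in plaintext.upper() if ch in ALPHABET]
    if len(key_numbers) < len(letters):
        raise ValueError("key stream shorter than message: a one-time pad "
                         "must never be stretched or reused")
    return "".join(ALPHABET[(ALPHABET.index(p) + k) % 26].lower()
                   for p, k in zip(letters, key_numbers))


def vernam_decrypt_mod26(ciphertext, key_numbers):
    """Inverse operation: subtract the same key number mod 26."""
    return "".join(ALPHABET[(ALPHABET.index(c) - k) % 26]
                   for c, k in zip(ciphertext.upper(), key_numbers))


def vernam_xor_bits(bits, key_bits):
    """Binary Vernam: addition mod 2 (XOR) of each message bit with the key bit.

    Both arguments are strings of '0'/'1'. Because k XOR k = 0, the same
    function both encrypts and decrypts.
    """
    if len(key_bits) < len(bits):
        raise ValueError("key stream shorter than message")
    return "".join(str(int(b) ^ int(k)) for b, k in zip(bits, key_bits))


# Constructed inputs, copied from the slides' worked examples.
SLIDE_MESSAGE = "VERNAM CIPHER"
SLIDE_KEY = [76, 48, 16, 82, 44, 3, 58, 11, 60, 5, 48, 88]
SLIDE_BITS = "101101100101011100101101011100101"
SLIDE_KEY_BITS = "101111011110110101100100100110001"

if __name__ == "__main__":
    ct = vernam_encrypt_mod26(SLIDE_MESSAGE, SLIDE_KEY)
    print(ct)                                   # tahrspitxmab
    print(vernam_decrypt_mod26(ct, SLIDE_KEY))  # VERNAMCIPHER
    print(vernam_xor_bits(SLIDE_BITS, SLIDE_KEY_BITS))
    # 000010111011101001001001111010100
```

Running the script reproduces the slide's ciphertext tahrspitxmab and the 33-bit XOR result, and decrypting with the same key list gives VERNAMCIPHER back. The same vernam_xor_bits function can be applied to the "ABC"/"tom" exercise once each character is written out as a bit string.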
Characteristics of RNGs

Many encryption algorithms rely on random numbers. RNGs produce long-period sequences, but the cycle eventually repeats. The linear congruential RNG is the most common type; it requires a seed value:

  NEW_RANDNO := (A * OLD_RANDNO + B) mod N

A, B and N are constants; the seed number and A must be relatively prime to N.

Cracking Random Number Generators

Notice that many encryption algorithms, like the Vernam cipher, incorporate random numbers. The safety of the encryption depends on the randomness of the numbers used. A random sequence for a Vernam cipher has to be truly random, meaning without any discernible pattern. For example, the binary string 01010101 has the obvious pattern of alternating 0s and 1s. Such a string would make a very bad choice for a random stream because of the discernible pattern.

Cracking Random Number Generators (cont.)

Where can we get truly random numbers, especially in a form easy to use with computers? The two-digit decimal numbers used in the Vernam cipher example are middle digits from a list of phone numbers in a residential directory. As such, they would be expected to be free from patterns. (There may still be some non-uniformity because many easy-to-remember sequences, such as ddd-d000, ddd-1234, or ddd-1212, are assigned to businesses. Exploiting that non-uniformity would require the interceptor to acquire and analyze great amounts of ciphertext.) A telephone directory is rather limited as a source of random numbers, and the numbers may not be available in a machine-readable format.

Cracking Random Number Generators (cont.)

A more common source of random numbers is a pseudo-random number generator computer program. Contrary to their name, these programs generate numbers from a predictable, repeating sequence. The most common type, the linear congruential random number generator, begins with an initial value or "seed," r0. Each successive random number r(i+1) is generated by

  r(i+1) = (a * r(i) + b) mod n

where a, b and n are constants.

Cracking Random Number Generators (cont.)

Often, n is chosen as 1 more than the maximum number that can be stored in a computer word, so that this computation can be performed by discarding any portion of the intermediate result that exceeds storage. This generator produces random integers between 0 and n - 1. (See [KNU81] for a thorough study of random number generators.) If r0 and a are relatively prime to n, each number between 0 and n - 1 will be generated before the sequence repeats. But once the repetition begins, the entire sequence repeats in order.

Cracking Random Number Generators (cont.)

The problem with this form of random number generator is its dependability: because each number depends only on the previous number, you can determine the constants by solving a series of equations.

  r1 = (a * r0 + b) mod n
  r2 = (a * r1 + b) mod n
  r3 = (a * r2 + b) mod n

An interceptor who has r0, r1, r2 and r3 can solve for a, b, and n.

Cracking Random Number Generators (cont.)

An interceptor can get r0, r1, r2 and r3 by a probable word attack (see the next slide). With a Vernam cipher, each ciphertext letter comes from the formula

  c(i) = (r(i) + p(i)) mod 26

If an interceptor of the ciphertext guesses that the message starts with MEMO (M = 12, E = 4, O = 14), the interceptor can try to substitute probable values of p(i) and solve for values of r(i).

Probable Word Attacks

Given the structure of the linear congruential RNG, assume the first few ciphertext characters represent some likely word such as 'MEMO', 'DATE' or 'FROM'. Inserting the numeric equivalents for the plaintext probable words, a system of simultaneous equations can be developed and solved.
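The chain of reasoning in the last four slides (probable word gives r(i), consecutive r(i) give the generator constants, the constants give the rest of the key stream), carried through as an added example that is not part of the lecture. It is written to show why a linear congruential generator is a poor substitute for a one-time pad. Assumptions, all constructed for the example: the modulus n is known to the analyst (the slide itself says n is typically tied to the word size), the sender uses n = 26 so that r(i) is the mod-26 key value exactly as in the formula c(i) = (r(i) + p(i)) mod 26, and the constants a = 7, b = 3, seed 5 and the plaintext MEMOTOALLSTAFF are made up. The function recover_lcg_constants also handles the failure mode the slide does not mention: when r1 - r0 has no inverse mod n the two equations do not determine a uniquely, and more outputs are needed.

```python
# Added example (not from the lecture slides): recovering a linear congruential
# key stream from a probable word, to show why an LCG is not a one-time pad.
from math import gcd

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"


def lcg_stream(seed, a, b, n, count):
    """r0 = seed, r(i+1) = (a * r(i) + b) mod n; returns [r0, ..., r(count-1)]."""
    stream = [seed % n]
    while len(stream) < count:
        stream.append((a * stream[-1] + b) % n)
    return stream


def vernam_encrypt(plaintext, keystream):
    """c(i) = (p(i) + r(i)) mod 26 over the letters A..Z, as in the slides."""
    return "".join(ALPHABET[(ALPHABET.index(p) + r) % 26]
                   for p, r in zip(plaintext.upper(), keystream))


def vernam_decrypt(ciphertext, keystream):
    """p(i) = (c(i) - r(i)) mod 26."""
    return "".join(ALPHABET[(ALPHABET.index(c) - r) % 26]
                   for c, r in zip(ciphertext.upper(), keystream))


def keystream_from_probable_word(ciphertext, probable_word):
    """Probable-word step: if the message really starts with probable_word,
    then r(i) = (c(i) - p(i)) mod 26 at each position of the guessed word."""
    return [(ALPHABET.index(c) - ALPHABET.index(p)) % 26
            for c, p in zip(ciphertext.upper(), probable_word.upper())]


def recover_lcg_constants(r, n):
    """Solve r1 = a*r0 + b and r2 = a*r1 + b (mod n) for (a, b), n known.

    Subtracting the equations gives r2 - r1 = a * (r1 - r0) (mod n), so a is
    determined only when r1 - r0 is invertible mod n. Otherwise several values
    of a satisfy both equations; return None so the caller asks for more data.
    """
    r0, r1, r2 = r[0], r[1], r[2]
    d = (r1 - r0) % n
    if gcd(d, n) != 1:
        return None
    a = ((r2 - r1) * pow(d, -1, n)) % n
    b = (r1 - a * r0) % n
    return a, b


def break_lcg_vernam(ciphertext, probable_word, n):
    """Probable word -> r(0..3) -> (a, b) -> full key stream -> plaintext.

    Returns (a, b, plaintext), or None when the guess is inconsistent with an
    LCG of modulus n (the fourth recovered value acts as a check on the guess,
    since the slide's interceptor has r0..r3 available).
    """
    known = keystream_from_probable_word(ciphertext, probable_word)
    constants = recover_lcg_constants(known, n)
    if constants is None:
        return None
    a, b = constants
    if len(known) > 3 and (a * known[2] + b) % n != known[3]:
        return None
    stream = lcg_stream(known[0], a, b, n, len(ciphertext))
    return a, b, vernam_decrypt(ciphertext, stream)


# Constructed scenario: an LCG with n = 26 feeds the Vernam cipher directly.
DEMO_A, DEMO_B, DEMO_N, DEMO_SEED = 7, 3, 26, 5
DEMO_PLAINTEXT = "MEMOTOALLSTAFF"
DEMO_CIPHERTEXT = vernam_encrypt(
    DEMO_PLAINTEXT,
    lcg_stream(DEMO_SEED, DEMO_A, DEMO_B, DEMO_N, len(DEMO_PLAINTEXT)))

if __name__ == "__main__":
    print(DEMO_CIPHERTEXT)
    print(break_lcg_vernam(DEMO_CIPHERTEXT, "MEMO", DEMO_N))
    # (7, 3, 'MEMOTOALLSTAFF')
```

Four letters of guessed plaintext are enough here: MEMO yields r0..r3 = 5, 12, 9, 14, the first three give a = 7 and b = 3, the fourth confirms them, and regenerating the stream from r0 decrypts the whole message. A wrong guess such as DATE produces key values that fail the invertibility or consistency check and is rejected. Recovering an unknown n needs more consecutive outputs than this example uses, and a generator with a large n whose outputs are scaled into [0, 25] hides part of each r(i), which is why the slide treats long messages, not short ones, as the vulnerable case.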